May 31, 2003

Analysts to SCO: No thanks to code review offer

By Patrick Thibodeau and Todd R. Weiss
MAY 30, 2003

Analysts are balking at The SCO Group Inc.'s offer to view its proof that there is illegal Unix code in Linux, with one calling the move a publicity stunt. Meanwhile, Linux creator Linus Torvalds today said that he has no plans to look at the code and that the battle between SCO, IBM and Novell Inc. is on par with a rancorous episode of the Jerry Springer Show.

In an effort to convince the world that the Linux operating system was created in part with its Unix code, SCO said it plans next week to begin showing analysts its evidence -- provided those parties sign a nondisclosure agreement (NDA).

But Giga Information Group Inc. analyst Stacey Quandt said she has discussed SCO's offer with her legal counsel, and if she signs an NDA, it may hinder her ability to write about it. She could get subpoenaed as well. Quandt called the offer a PR stunt.

"[SCO] should tell everybody what they have," said Quandt, who has advised clients of Cambridge, Mass.-based Giga to continue with their Linux adoption.

Other analyst firms expressed similar reservations about playing an active role in SCO's $1 billion lawsuit against IBM, which alleges misappropriation of trade secrets and other claims. SCO has warned some 1,500 businesses that they may be using Linux at their legal peril.

One person who won't sign a nondisclosure agreement is Torvalds, who created Linux in 1991. Torvalds, in an e-mail response, said there's "no way" he can sign a nondisclosure agreement with SCO to review the code. "Others have asked and haven't gotten anything, so I don't see much point. They don't want to tell; they want to sue. I'm told that it will come out in discovery during the actual suit at some point."

As for what he thinks of SCO's actions, Torvalds in an e-mail interview compared the fight between SCO, IBM and Novell Inc. to bad TV. "Quite frankly, I found it mostly interesting in a Jerry Springer kind of way. White trash battling it out in public, throwing chairs at each other. SCO crying about IBM's other women. ... Fairly entertaining," said Torvalds.

George Weiss, an analyst at Stamford, Conn.-based Gartner Inc. who recently recommended minimizing Linux in complex, mission-critical systems until the merits of SCO's claims are clear, has been talking to SCO and is also leaning against accepting the offer. Weiss said SCO is making its case based on "vague inferences" and is asking analysts to do the same. "It's stepping right into their shoes," he said.

What do you think? Post your opinions and see what others have to say in our discussion forum.

Framingham, Mass.-based IDC is also mulling the offer from SCO to review source code, but it has reservations. "I'm not sure that showing us the code would prove anything to me, because I don't know where it came from," said IDC analyst Dan Kusnetzky.

Despite the concerns expressed by Gartner, Giga and IDC, Darl McBride, SCO's CEO, today said that five or six analysts have expressed interest in viewing the code under NDAs. He said that some "highly recognizable" members of the open-source community have also asked about the NDA process, but he would not give their names.

Starting next week, SCO will "be happy to show the code," he said.

The value of review by analysts at Giga, IDC, Gartner or any independent source is questionable and legally risky for anyone who agrees to it, said Michael Overly, a partner at the law firm Foley & Lardner in Los Angeles. Anyone who reviews the source code can expect to be deposed in the IBM lawsuit. "Do they want to lose all that employee time and face potential adverse publicity?" asked Overly.

But if an analyst says there are copyright infringements, other Linux firms could make claims against the analyst's firm because the opinion could depress Linux earnings. Those companies could seek to find out whether the analyst was negligent in his analysis of the code, said Overly.

Even if there is similar code, that doesn't mean there is infringement, especially under copyright law "fair use" provisions, said Overly. "If I take a piece of code that someone has written, take it verbatim but expand on it and use it for a completely different work, that may or not be copyright infringement," he said.

Overly said a review of the code by anyone other than a judge "means absolutely, positively nothing" in determining the merit of SCO's claims.

Regardless of the uncertainties, legal experts said Linux users have to pay attention to the fight. "The fact that you ignored it could potentially cause your damages to increase substantially," said Brian E. Ferguson, an attorney at McDermott, Will & Emery's Washington office. "The ostrich's head-in-the-sand approach is definitely not an option."

Matthew Furton, an attorney at Gordon & Glickson LLC in Chicago, said it's premature for any company to reduce or eliminate its exposure to Linux. "The fact that someone is making allegations about proprietary technology [being] inappropriately included doesn't mean that companies should uninstall or cease deployments," he said. "It means they should remain vigilant about the case."